package com.blu.realm;

import java.util.HashSet;
import java.util.Set;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

import com.blu.entity.Account;
import com.blu.service.AccountService;

public class AccountRealm extends AuthorizingRealm {
	
	@Autowired
	private AccountService accountService;
	
	/**
	 * 授权
	 */

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//获取当前登录的用户信息
		Subject subject = SecurityUtils.getSubject();
		Account account = (Account) subject.getPrincipal();//得到身份
		//设置角色
		Set<String> rolesset = new HashSet<>();
		rolesset.add(account.getRole());
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(rolesset);
		//设置权限
		info.addStringPermission(account.getPerms());
		return info;
	}

	/**
	 * 认证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
		Account account = accountService.findByUsername(token.getUsername());
		if(account != null){
			return new SimpleAuthenticationInfo(account,account.getPassword(), getName());
		}
		return null;
	}

}
